//package com.pp.tourism.web.config;
//
//import com.pp.tourism.config.security.FailureAuthenticationHandler;
//import com.pp.tourism.config.security.SuccessAuthenticationHandler;
//import com.pp.tourism.service.impl.TwUserDetailsServiceImpl;
//import org.springframework.beans.factory.annotation.Autowired;
//import org.springframework.context.annotation.Bean;
//import org.springframework.context.annotation.Configuration;
//import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
//import org.springframework.security.config.annotation.web.builders.HttpSecurity;
//import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
//import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
//import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
//import org.springframework.security.crypto.password.PasswordEncoder;
//
///**
// * swagger添加登录
// */
//@Configuration
//@EnableWebSecurity
//public class WebSecurityConfiguration extends WebSecurityConfigurerAdapter {
//
//    @Autowired
//    private SuccessAuthenticationHandler successHandler;
//
//    @Autowired
//    private FailureAuthenticationHandler failureHandler;
//
//    @Autowired
//    private TwUserDetailsServiceImpl twUserDetailsService;
//
//    @Bean
//    public PasswordEncoder passwordEncoder() {
//        return new BCryptPasswordEncoder();
//    }
//
//    @Override
//    protected void configure(HttpSecurity http) throws Exception {
////        http.authorizeRequests()
////                .antMatchers("/swagger-ui.html", "/login").authenticated()
////                .and().httpBasic()
////                .and().authorizeRequests().anyRequest().hasRole("ADMIN")
////                .and().formLogin().loginPage("/tourism/login").successForwardUrl("/tourism/index.jsp").permitAll()
////                .and().csrf().disable();
//        // 自定义login.html登录界面
//        http.formLogin().loginPage("/login")
////                .loginProcessingUrl("/api/login") //form 表单action  +
//                .failureHandler(failureHandler)
//                .successHandler(successHandler)
////                .successForwardUrl("/tourism/index.jsp")
//                .permitAll()
//                //.usernameParameter("uname")
//                // .passwordParameter("psd")
//                .and().authorizeRequests().antMatchers("/login",
//                "/**/login","/tourism/user/queryUsers",
//                "/v2/api-docs", "/configuration/ui", "/swagger-resources", "/configuration/security", "/swagger-ui.html", "/webjars/**","/swagger-resources/configuration/ui","/tourism/swagge‌​r-ui.html#/").permitAll()
//                // 除了login.html页面以外都需要身份认证 （一定要记得添加这一句，否则就是死循环）
//                .anyRequest()/*.authenticated()*/.permitAll()
//                .and().csrf().disable();
//    }
//
//
//    @Autowired
//    public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
//        auth.userDetailsService(twUserDetailsService).init(auth);
//    }
//
//}
